CNNVD-202508-1340 Information
CNNVD ID
CNNVD-202508-1340
Related CVE
- CNNVD Published: 2025-08-13
Description (Chinese)
ImageMagick是ImageMagick开源的一套开源的图像处理软件。可读取、转换或写入多种格式的图片。 ImageMagick 7.1.2-1之前版本存在安全漏洞,该漏洞源于处理带独立alpha通道图像时的堆缓冲区溢出读取,可能导致内存内容泄露。
Description (English)
ImageMagick is an open-source image-processing software for ImageMagick open source. Reads, converts or writes pictures in multiple formats. Prior to ImageMagick 7.1.2-1, there was a security loophole, which arose from the spill-out of the buffer zone during the processing of images with an independent alpha channel, which could lead to the release of memory content.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
ImageMagick
Published
2025-08-13
Last Modified
2026-02-24
References
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cjc8-g9w8-chfw https://goo.gle/bigsleep https://access.redhat.com/security/cve/cve-2025-55004
Patch
https://github.com/ImageMagick/ImageMagick/releases
Share on: